fbpx
  • Blocks Hospice Policy

    For the purpose of carrying out its business operations as a medical facility and a trading company, Blocks Hospice EOOD processes personal data of individuals (“data subjects”) in strict compliance with Regulation (EC) 2016/679 (General Data Protection Regulation – GDPR), the Personal Data Protection Act, the healthcare regulatory framework, and the Company’s Privacy Policy.

    According to the General Regulation, ‘personal data’ means any information relating to a natural person through which that natural person can be directly or indirectly identified.

    ‘Data concerning health’ means personal data related to the physical or mental health of a natural person. These data are subject to special protection, considering their sensitive nature, and are to be processed by medical professionals bound by the obligation of professional secrecy.

    Personal data processing means any operation or set of operations which is performed on personal data by automated or other means.

    This policy provides information on:

    Who is data controller?
    Who are the natural persons whose personal data are processed by the Company?
    For what purposes and on what basis is personal data being processed?
    To whom are personal data transmitted or disclosed
    Personal data storing periods;
    Data security measures;
    Rights of individuals and methods by which they can be exercised.

    Data Controller

    The Data Controller is Blocks Hospice EOOD, address: Sofia, Dragalevtsi, Konstantin Pomyanov St., 1

    The Company has specially appointed a Data Protection Officer who can be contacted by e-mail: gdpr@blocks.care and phone: +359 89 750 2898

    Natural persons whose personal data are processed by the Company

    Blocks Hospice processes personal data of the following natural persons:

    (a) Patients and, where appropriate, their relatives;
    (b) Staff – current and former employees of the Company, job applicants and trainees;
    (c) Visitors to the medical facility;
    (d) Contractors or potential contractors of the Company and their employees.

    Purpose of processing

    The Company processes personal data for the following purposes:

    (a) Provision of health services – medical diagnostics, palliative care, etc.;
    (b) Implementation of the Company’s legal obligations, in particular under the Health Act, the Medical Facilities Act, the secondary legislation on their application;
    (c) Compliance with the staff-related requirements of the labour and social security legislation;
    (d) Ensuring the security of patients, employees and property through video surveillance, registration, physical security and access control;
    (e) Other legitimate purposes such as accounting services, maintenance and security of the Company’s website and IT systems, protection of the Company’s legitimate interests, including by court, etc.

    Legal grounds for processing

    Blocoks Hospice processes special categories of personal data such as health data, genetic data, or sexual life or sexual orientation data, only if any of the conditions of the General Regulation exists, and in particular:

    (a) For the purposes of, medical diagnostics, provision of health or social care or treatment;
    (b) To protect the vital interests of the data subject or of another natural person when the data subject is physically or legally incapable of giving his/her consent;
    (c) To protect the public interest in public health, such as ensuring high standards of quality and safety of healthcare and medicinal products or medical devices;
    (d) Subject to the explicit consent of the data subject for processing data for one or more specific purposes, unless the legislation does not allow for such consent.

    The Company also processes other personal data in the presence of any of the alternative legal grounds under the General Regulation, in particular:

    (a) Statutory obligations of the Company;
    (b) Implementation of a contract, including the pre-contractual relations prior to its execution;
    (c) The Company’s legitimate interests, in so far as they prevail the interests or the fundamental rights and freedoms of the data subjects;
    (d) Freely expressed specific informed and unambiguous consent of the data subject. The consent already granted may be withdrawn by the data subject at any time in the same manner as it was granted.

    To whom are personal data transmitted or disclosed

    Blocks Hospice EOOD provides personal data to:

    (a) Competent public authorities pursuant to statutory provisions, including to the National Health Insurance Fund, the Ministry of Health, NRA, NSSI, etc.;
    (b) Other companies of Blocks Hospice EOOD Group, external laboratories or other medical facilities;
    (c) Businesses providing services to the Company, including information maintenance and security of IT systems.

    In all these cases, Blocks Hospice EOOD takes the necessary measures to protect the rights and interests of data subjects, such as requiring that data processors undertake explicit contractual obligations to ensure data security and confidentiality protection.

    Personal data storing periods

    The personal data of the patients is kept in compliance with the statutory periods set out for the relevant medical records.

    The personal data of job applicants not approved for recruitment in the Company are kept for the period defined by the current data protection legislation following the end of the procedure and then returned to the data subjects or destroyed. The personal data may be stored for a longer period in order to make job offers only upon the written consent of the concerned applicant.

    Video surveillance records and visitors’ registers are stored for 60 (sixty) days under the Private Security Act.

    The personal data contained in accounting documents should be kept for the periods under Article 12 of the Accountancy Act.

    Personal data security

    Blocks Hospice EOOD applies all appropriate technical and organizational measures to ensure the security of personal data, including the express commitment of the employees to professional secrecy and confidentiality.

    Rights of data subjects

    Any natural person whose data is processed by Blocks Hospice EOOD has the following rights:

    – The right of access to their personal data, including to receive a copy thereof;
    – The right to correct or supplement any inaccurate or incomplete personal data;
    – The right to delete any personal data illegally processed;
    – The right to restrict the processing – in case of a legal dispute between the Company and the data subject – until the dispute is resolved or the legal claims are settled, exercised or protected;
    – The right to the portability of the personal data concerning the data subject and which the latter has provided to the Company in a structured, commonly used and machine-readable format.
    – The right to object – at any time and on grounds relating to his or her particular situation, unless there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the implementation of court procedures.

    The right of access to health information can be exercised as laid down in Article 27 of the Health Act. Health information may be provided to third parties when:

    – The treatment of the data subject continues in another medical institution;
    – There is a threat to the health or life of others;
    – It is necessary to identify a human body or to establish the causes of death;
    – It is necessary for the needs of the state health control to prevent epidemics and spread of infectious diseases;
    – It is necessary for the needs of medical expertise and social security;
    – It is necessary for the needs of medical statistics or for medical research, once data identifying the patient has been deleted;
    – It is necessary for the needs of the Ministry of Health, the National Center for Health Information, NHIF, regional health inspectorates and the National Statistical Institute.

    Pursuant to the Personal Data Protection Act, the above rights may be exercised by submitting a written application to: office 15, fl. 5, 85 Aleksandar Malinov blvd, Mladost region, 1715, Sofia. The application should be made personally by the data subject or by a person explicitly authorized by him/her with a power of attorney certified by a notary and a copy thereof should be submitted with the application.

    The response to the request for exercised right should be prepared on paper and received by the applicant at the address of the Company. The employees of the Company should verify the identity of the applicant by reference to the identity document submitted by the applicant and provide the reply in two copies, one for each party, signed by the applicant.

    Protection of the rights of data subjects

    Pursuant to the Personal Data Protection Act and the General Data Protection Regulation, any natural person who considers that his/her right to the protection of his or her personal data is violated may file a complaint with the Personal Data Protection Commission at: 2, Prof. Tsvetan Lazarov Blvd., 1592 Sofia, website: www.cpdp.bg.

  • Blocks Health and Social Care Policy

    Privacy Policy

    For the purpose of carrying out its business operations as a social services facility and a trading company, Blocks Health and Social Care EOOD processes personal data of individuals (“data subjects”) in strict compliance with Regulation (EC) 2016/679 (General Data Protection Regulation – GDPR), the Personal Data Protection Act, the healthcare regulatory framework, and the Company’s Privacy Policy.

    According to the General Regulation, ‘personal data’ means any information relating to a natural person through which that natural person can be directly or indirectly identified.

    ‘Data concerning health’ means personal data related to the physical or mental health of a natural person. These data are subject to special protection, considering their sensitive nature, and are to be processed by medical professionals bound by the obligation of professional secrecy.

    Personal data processing means any operation or set of operations which is performed on personal data by automated or other means.

    This policy provides information on:

    Who is data controller?
    Who are the natural persons whose personal data are processed by the Company?
    For what purposes and on what basis is personal data being processed?
    To whom are personal data transmitted or disclosed
    Personal data storing periods;
    Data security measures;

    Rights of individuals and methods by which they can be exercised.

    Data Controller

    The Data Controller is Blocks Health and Social Care EOOD, address: Sofia, Dragalevtsi, Konstantin Pomyanov St., 1

    The Company has specially appointed a Data Protection Officer who can be contacted by e-mail: gdpr@blocks.care and phone: +359 89 750 2898

    Natural persons whose personal data are processed by the Company

    Blocks Health and Social Care EOOD processes personal data of the following natural persons:

    (a) Social services’ beneficiaries and, where appropriate, their relatives;
    (b) Staff – current and former employees of the Company, job applicants and trainees;
    (c) Visitors to the medical facility;
    (d) Contractors or potential contractors of the Company and their employees.

    Purpose of processing

    The Company processes personal data for the following purposes:

    (a) Provision of social services;
    (b) Implementation of the Company’s legal obligations;
    (c) Compliance with the staff-related requirements of the labour and social security legislation;
    (d) Ensuring the security of beneficiares, employees and property through video surveillance, registration, physical security and access control;
    (e) Other legitimate purposes such as accounting services, maintenance and security of the Company’s website and IT systems, protection of the Company’s legitimate interests, including by court, etc.

    Legal grounds for processing

    Blocks Health and Social Care processes special categories of personal data such as health data, genetic data, or sexual life or sexual orientation data, only if any of the conditions of the General Regulation exists, and in particular:

    (a) For the purposes of social services provision
    (b) To protect the vital interests of the data subject or of another natural person when the data subject is physically or legally incapable of giving his/her consent;
    (c) Subject to the explicit consent of the data subject for processing data for one or more specific purposes, unless the legislation does not allow for such consent.

    The Company also processes other personal data in the presence of any of the alternative legal grounds under the General Regulation, in particular:

    (a) Statutory obligations of the Company;
    (b) Implementation of a contract, including the pre-contractual relations prior to its execution;
    (c) The Company’s legitimate interests, in so far as they prevail the interests or the fundamental rights and freedoms of the data subjects;
    (d) Freely expressed specific informed and unambiguous consent of the data subject. The consent already granted may be withdrawn by the data subject at any time in the same manner as it was granted.

    To whom are personal data transmitted or disclosed

    Blocks Health and Social Care EOOD provides personal data to:

    (a) Competent public authorities pursuant to statutory provisions, including to the National Health Insurance Fund, the Ministry of Health, NRA, NSSI, etc.;
    (b) Other companies of Blocks Health and Social Care EOOD Group, external laboratories or other medical facilities;
    (c) Businesses providing services to the Company, including information maintenance and security of IT systems.

    In all these cases, Blocks Health and Social Care EOOD takes the necessary measures to protect the rights and interests of data subjects, such as requiring that data processors undertake explicit contractual obligations to ensure data security and confidentiality protection.

    Personal data storing periods

    The personal data of the beneficiaries is kept in compliance with the statutory periods set out for the relevant medical records.

    The personal data of job applicants not approved for recruitment in the Company are kept for the period defined by the current data protection legislation following the end of the procedure and then returned to the data subjects or destroyed. The personal data may be stored for a longer period in order to make job offers only upon the written consent of the concerned applicant.

    Video surveillance records and visitors’ registers are stored for 60 (sixty) days under the Private Security Act.

    The personal data contained in accounting documents should be kept for the periods under Article 12 of the Accountancy Act.

    Personal data security

    Blocks Health and Social CareEOOD applies all appropriate technical and organizational measures to ensure the security of personal data, including the express commitment of the employees to professional secrecy and confidentiality.

    Rights of data subjects

    Any natural person whose data is processed by Blocks Health and Social Care EOOD has the following rights:

    – The right of access to their personal data, including to receive a copy thereof;
    – The right to correct or supplement any inaccurate or incomplete personal data;
    – The right to delete any personal data illegally processed;
    – The right to restrict the processing – in case of a legal dispute between the Company and the data subject – until the dispute is resolved or the legal claims are settled, exercised or protected;
    – The right to the portability of the personal data concerning the data subject and which the latter has provided to the Company in a structured, commonly used and machine-readable format.
    – The right to object – at any time and on grounds relating to his or her particular situation, unless there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the implementation of court procedures.

    The right of access to health information can be exercised as laid down in Article 27 of the Health Act. Health information may be provided to third parties when:

    – The treatment of the data subject continues in another medical institution;
    – There is a threat to the health or life of others;
    – It is necessary to identify a human body or to establish the causes of death;
    – It is necessary for the needs of the state health control to prevent epidemics and spread of infectious diseases;
    – It is necessary for the needs of medical expertise and social security;
    – It is necessary for the needs of medical statistics or for medical research, once data identifying the patient has been deleted.

    Pursuant to the Personal Data Protection Act, the above rights may be exercised by submitting a written application to: office 15, fl. 5, 85 Aleksandar Malinov blvd, Mladost region, 1715, Sofia. The application should be made personally by the data subject or by a person explicitly authorized by him/her with a power of attorney certified by a notary and a copy thereof should be submitted with the application.

    The response to the request for exercised right should be prepared on paper and received by the applicant at the address of the Company. The employees of the Company should verify the identity of the applicant by reference to the identity document submitted by the applicant and provide the reply in two copies, one for each party, signed by the applicant.

    Protection of the rights of data subjects

    Pursuant to the Personal Data Protection Act and the General Data Protection Regulation, any natural person who considers that his/her right to the protection of his or her personal data is violated may file a complaint with the Personal Data Protection Commission at: 2, Prof. Tsvetan Lazarov Blvd., 1592 Sofia, website: www.cpdp.bg.

  • Blocks Medico-Dental Center Policy

    Personal Data Protection – Blocks Medico-Dental Center EOOD

    For the purpose of carrying out its business operations as a medical facility and a trading company, Blocks Medico-Dental Center EOOD processes personal data of individuals (“data subjects”) in strict compliance with Regulation (EC) 2016/679 (General Data Protection Regulation – GDPR), the Personal Data Protection Act, the healthcare regulatory framework, and the Company’s Privacy Policy.

    According to the General Regulation, ‘personal data’ means any information relating to a natural person through which that natural person can be directly or indirectly identified.

    ‘Data concerning health’ means personal data related to the physical or mental health of a natural person. These data are subject to special protection, considering their sensitive nature, and are to be processed by medical professionals bound by the obligation of professional secrecy.

    Personal data processing means any operation or set of operations which is performed on personal data by automated or other means.

    This policy provides information on:

    Who is data controller?
    Who are the natural persons whose personal data are processed by the Company?
    For what purposes and on what basis is personal data being processed?
    To whom are personal data transmitted or disclosed?
    Personal data storing periods;
    Data security measures;
    Rights of individuals and methods by which they can be exercised.

    Data Controller

    The Data Controller is Blocks Medico-Dental Center EOOD, with registered address: office 15, floor 5, 85 Alexander Malinov blv., Sofia, registered by Sofia Regional Health Inspection under No. 7748 with address: Sofia, Dragalevtsi, Konstantin Pomyanov St., 1, phone/fax: +359 89 220 2040

    The Company has specially appointed a Data Protection Officer who can be contacted by e-mail: gdpr@blocks.care and phone: +359 89 750 2898

    Natural persons whose personal data are processed by the Company

    Blocks Medico-Dental Center EOOD processes personal data of the following natural persons:

    (a) Patients and, where appropriate, their relatives;
    (b) Staff – current and former employees of the Company, job applicants and trainees;
    (c) Visitors to the medical facility;
    (d) Contractors or potential contractors of the Company and their employees.

    Purpose of processing

    The Company processes personal data for the following purposes:

    (a) Provision of health services – medical diagnostics, treatment, clinical tests, etc.;
    (b) Implementation of the Company’s legal obligations, in particular under the Health Act, the Health Insurance Act, the Medical Facilities Act, the secondary legislation on their application, the National Framework Agreement;
    (c) Compliance with the staff-related requirements of the labour and social security legislation;
    (d) Ensuring the security of patients, employees and property through video surveillance, registration, physical security and access control;
    (e) Other legitimate purposes such as accounting services, maintenance and security of the Company’s website and IT systems, protection of the Company’s legitimate interests, including by court, etc.

    Legal grounds for processing

    Blocks Medico-Dental Center EOOD processes special categories of personal data such as health data, genetic data, or sexual life or sexual orientation data, only if any of the conditions of the General Regulation exists, and in particular:

    (a) For the purposes of preventive or occupational medicine, assessment of patients’ and employee’s ability to work, medical diagnostics, provision of health or social care or treatment;
    (b) To protect the vital interests of the data subject or of another natural person when the data subject is physically or legally incapable of giving his/her consent;
    (c) To protect the public interest in public health, such as protection against serious cross-border health threats or ensuring high standards of quality and safety of healthcare and medicinal products or medical devices;
    (d) Subject to the explicit consent of the data subject for processing data for one or more specific purposes, unless the legislation does not allow for such consent.

    The Company also processes other personal data in the presence of any of the alternative legal grounds under the General Regulation, in particular:

    (a) Statutory obligations of the Company;
    (b) Implementation of a contract, including the pre-contractual relations prior to its execution;
    (c) The Company’s legitimate interests, in so far as they prevail the interests or the fundamental rights and freedoms of the data subjects;
    (d) Freely expressed specific informed and unambiguous consent of the data subject. The consent already granted may be withdrawn by the data subject at any time in the same manner as it was granted.

    To whom are personal data transmitted or disclosed

    Blocks Medico-Dental Center EOOD provides personal data to:

    (a) Competent public authorities pursuant to statutory provisions, including to the National Health Insurance Fund, the Ministry of Health, NRA, NSSI, etc.;
    (b) Other companies of Blocks Medico-Dental Center EOOD’s Group, external laboratories or other medical facilities;
    (c) Businesses providing services to the Company, including information maintenance and security of IT systems.

    In all these cases, Blocks Medico-Dental Center EOOD takes the necessary measures to protect the rights and interests of data subjects, such as requiring that data processors undertake explicit contractual obligations to ensure data security and confidentiality protection.

    Personal data storing periods

    The personal data of the patients is kept in compliance with the statutory periods set out for the relevant medical records.

    The personal data of job applicants not approved for recruitment in the Company are kept for the period defined by the current data protection legislation following the end of the procedure and then returned to the data subjects or destroyed. The personal data may be stored for a longer period in order to make job offers only upon the written consent of the concerned applicant.

    Video surveillance records, call records at the Information Registry Office, and visitors’ registers are stored for 60 (sixty) days under the Private Security Act.

    The personal data contained in accounting documents should be kept for the periods under Article 12 of the Accountancy Act.

    Personal data security

    Blocks Medico-Dental Center EOOD applies all appropriate technical and organizational measures to ensure the security of personal data, including the express commitment of the employees to professional secrecy and confidentiality.

    Rights of data subjects

    Any natural person whose data is processed by Blocks Medico-Dental Center EOOD has the following rights:

    – The right of access to their personal data, including to receive a copy thereof;
    – The right to correct or supplement any inaccurate or incomplete personal data;
    – The right to delete any personal data illegally processed;
    – The right to restrict the processing – in case of a legal dispute between the Company and the data subject – until the dispute is resolved or the legal claims are settled, exercised or protected;
    – The right to the portability of the personal data concerning the data subject and which the latter has provided to the Company in a structured, commonly used and machine-readable format.
    – The right to object – at any time and on grounds relating to his or her particular situation, unless there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the implementation of court procedures.

    The right of access to health information can be exercised as laid down in Article 27 of the Health Act. Health information may be provided to third parties when:

    – The treatment of the data subject continues in another medical institution;
    – There is a threat to the health or life of others;
    – It is necessary to identify a human body or to establish the causes of death;
    – It is necessary for the needs of the state health control to prevent epidemics and spread of infectious diseases;
    – It is necessary for the needs of medical expertise and social security;
    – It is necessary for the needs of medical statistics;
    – It is necessary for the needs of the Ministry of Health, the National Center for Health Information, NHIF, regional health inspectorates and the National Statistical Institute.
    – It is necessary for the needs of insurers licensed under Section I of Appendix 1 or item 2 or under item 1 and 2 of Section II, letter “A” of Appendix 1 to the Insurance Code.

    Pursuant to the Personal Data Protection Act, the above rights may be exercised by submitting a written application to: office 15, fl. 5, 85 Alexander Malinov blvd., Sofia The application may also be sent electronically in accordance with the procedure laid down in the Electronic Document and Electronic Certification Services Act. The application should be made personally by the data subject or by a person explicitly authorized by him/her with a power of attorney certified by a notary and a copy thereof should be submitted with the application.

    The response to the request for exercised right should be prepared on paper and received by the applicant at the address of the Company in the Registry Department. The employees of the Registry Department should verify the identity of the applicant by reference to the identity document submitted by the applicant and provide the reply in two copies, one for each party, signed by the applicant.

    Protection of the rights of data subjects

    Pursuant to the Personal Data Protection Act and the General Data Protection Regulation, any natural person who considers that his/her right to the protection of his or her personal data is violated may file a complaint with the Personal Data Protection Commission at: 2, Prof. Tsvetan Lazarov Blvd., 1592 Sofia, website: www.cpdp.bg.

  • Cookies Policy

    What are cookies?

    Cookies are small text files that are placed on your computer or mobile device from web sites you visit. They are widely used to make web sites work more efficiently for the benefit of users, and to provide information to website owners.

    What are we using cookies for?

    We use cookies to perform the queries we get from users on our website, thereby improving the platform’s functionality. We also use cookies that are associated with certain functionality explicitly requested by web site users without which we would not be able to perform their orders.

    We use third-party cookies to provide ads and other third-party supplier services. We may not be able to control the use of these cookies, so users have the option to change their settings and refuse to use them according to the procedure described below.

    What cookies do we use?

    The table below describes the cookies we use and why:

    Name of cookieDurationPurpose
    _ga2 yearsIt is used to improve the website functionality intended to distinguish users.
    _gid24 hoursIt is used to improve the website functionality intended to distinguish users.
    _gat1 minuteIt is used to limit queries. If Google Analytics is implemented through Google Tag Manager, this cookie will be designated _dc_dtm_.
    PHPSESSIDIt is used to determine the type of browser used by the user in order to ensure good visualization
    GPS2 years

    It saves the location

     

    PREF2 yearsIt is used to make ads more engaging for users and more valuable for publishers and advertisers.
    YSCWhile the user is on the pageIt is used to identify the user and control watching videos from YouTube.
    NID2 years from the web site visit.It is used to customize ads in products like Google Search. For example, it is used to remember the most recent searches, previous interactions with advertiser’s ads or search results, as well as visits to the advertiser’s website.
    HSID2 yearsThis cookie contains digitally signed and encrypted records of the user’s Google Account ID and the time of the most recent login.
    SID2 yearsThis cookie contains digitally signed and encrypted records of the user’s Google Account ID and the time of the most recent login.
    IDE2 years from the web site visit.This cookie is one of Google’s main advertising cookies and is responsible for storing the doubleclick.net domain.
    APISID2 yearsThis cookie is used by Google to save settings and information for Google Maps.
    SAPISID2 yearsThis cookie is used by Google to save settings and information for Google Maps.
    1P_JAR1 weekThis cookie is used to collect web site statistics and track performance.
    Ci_sessionWhile the user is on the pageIt is used to distinguish users.
    CONSENTPermanentA session cookie that registers a unique ID to keep statistics on what YouTube videos the user has viewed.
    OGPC1 monthIt is used to target ads more accurately.

    How can users change their cookie settings?

    Most web browsers provide the option for control on the cookies through the settings of the browser. For more information about cookies, including what cookies are placed, go to www.aboutcookies.org or www.allaboutcookies.org.

    For more information on managing cookies in the most popular web browsers:

    We plan to improve our services in the future by enabling users to change their settings more easily and comprehensively, thereby to further protect the fundamental rights and freedoms of users in the process of provision and use of electronic communications services.